[icq-devel] Clone recognition.



rad2k at mail.ru rad2k at mail.ru
Fri Nov 1 17:58:58 CET 2002


> > But even if i guess it isn't a totaly safe, i guess sometimes it's necessary
> > if you want to provide a new service [ex : encrypted messages.]

i've used it for encryption in my icq client, seemed like the best thing to do.
ysmv7.sourceforge.net is the url as you were probably spammed not too much time
ago with the last release.

> > So my question is, is it safe to let AOL recognize our clone ? They could
> > just block packet coming from our clones...

seems like a pretty simple level question to make. If they actually want to
hunt you down, they will, meanwhile enjoy your working icq client. Even though
my client changes those timestamps, it uses the client identification string
from a mirabilis client.

> If you copy it verbatim like the sim "developer" did, I'll get pretty pissed.

that sucks, ill get pissed too.

> Yours, RЭdiger (mICQ author).

actually sed -s /mICQ author/mICQ developer/
even though the author is dead..i doubt he left you the rights? :)


-----Original Message-----
From: RЭdiger Kuhlmann <icq-list-oWUpAQCWC2r4 at ruediger-kuhlmann.de>
To: icq-devel at blipp.com
Date: Fri, 1 Nov 2002 17:32:53 +0100
Subject: Re:  [icq-devel] Clone recognition.

> 
> 
> >--[Fabrice Michellonet]--<fabrice.michellonet at wanadoo.fr>
> 
> > browsing the differents ICQ protocol databases & related docs, i discovered
> > some clones use differents tricks to recognize themself and to get version
> > info. I think some uses special flags in the snac (0x1, 0x1E)
> 
> "special flags" translates to "(ab)uses time stamps for version information".
> 
> > other have created new capabilities [i.e trillian]
> 
> Either a fixed capability (Trillian, licq (probably unintentional)) or a
> capability with version embedded (sim, mICQ CVS (undocumented because
> subject to change)).
> 
> > So my question is, is it safe to let AOL recognize our clone ? They could
> > just block packet coming from our clones...
> 
> Sure they could. And a real lot of clients are recognizable. If they intend
> to block clients, then clients would adapt and simply remove it.
> 
> > But even if i guess it isn't a totaly safe, i guess sometimes it's necessary
> > if you want to provide a new service [ex : encrypted messages.]
> 
> For example, yes.
> 
> > Here come my second question, which is :  Does this community has already
> > decided of a standardization to perform clone recognizion ?
> 
> _Most_ clients set the first timestamp to 0xffffffxx with xx being client specific,
> and the next timestamp to 0xppqqrrss with p.q.r.s being the client's
> version. There is no agreement on how to form a new capability.
> 
> If you want to get the best currently possibly client detection:
> http://micq.org/source/micq-cvs/src/contact.c
> If you copy it verbatim like the sim "developer" did, I'll get pretty pissed.
> 
> Yours, RЭdiger (mICQ author).
> 
> -- 
>          100 DM =  51    13  .
>          100    = 195 DM 58 pf.
>   mailto:ruediger at ruediger-kuhlmann.de
>     http://www.ruediger-kuhlmann.de/
> -------------------------------------------------
> icq-devel - The forum for ICQ protocol discussion
> For unsubscribe and other mailing list info, see:
> http://www.d.kth.se/~d95-mih/icq/icq-devel/
> 
> 
> 




More information about the icq-devel mailing list